class Google::Apis::ContaineranalysisV1beta1::BuildSignature
Message encapsulating the signature of the verified build.
Attributes
An ID for the key used to sign. This could be either an ID for the key stored in `public_key` (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). Corresponds to the JSON property `keyId` @return [String]
The type of the key, either stored in `public_key` or referenced in `key_id`. Corresponds to the JSON property `keyType` @return [String]
Public key of the builder which can be used to verify that the related findings are valid and unchanged. If `key_type` is empty, this defaults to PEM encoded public keys. This field may be empty if `key_id` references an external key. For Cloud Build
based signatures, this is a PEM encoded public key. To verify the Cloud Build
signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from ` BuildDetails` are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: `openssl sha256 -verify public.pem - signature signature.bin signed.bin` Corresponds to the JSON property `publicKey` @return [String]
Required. Signature
of the related `BuildProvenance`. In JSON, this is base-64 encoded. Corresponds to the JSON property `signature` NOTE: Values are automatically base64 encoded/decoded in the client library. @return [String]
Public Class Methods
# File lib/google/apis/containeranalysis_v1beta1/classes.rb, line 527 def initialize(**args) update!(**args) end
Public Instance Methods
Update properties of this object
# File lib/google/apis/containeranalysis_v1beta1/classes.rb, line 532 def update!(**args) @key_id = args[:key_id] if args.key?(:key_id) @key_type = args[:key_type] if args.key?(:key_type) @public_key = args[:public_key] if args.key?(:public_key) @signature = args[:signature] if args.key?(:signature) end